from 0, < 0.7.3-2+deb9u1
from 0, < 0.8.4-1
from 0, < 0.6.3-4+deb8u3
HIGH8.8A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key…
from 0, < 0.9.8-0+deb11u2
HIGH8.8libssh - security update
from 0, < 0.8.7-1+deb10u2
HIGH8.8libssh - security update
from 0, < 0.9.3-1
HIGH8.8libssh - security update
from 0, < 0.6.3-4+deb8u4
HIGH8.2A flaw was found in libssh.
from 0
HIGH8.1A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library.
from 0, < 0.10.6-0+deb12u2
HIGH8.1A flaw was found in the libssh library in versions less than 0.11.2.
from 0, < 0.9.8-0+deb11u2
HIGH7.5A weakness has been identified in libssh up to 0.11.3.
from 0
HIGH7.5The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state,…
from 0, < 0.6.3-4.2
MEDIUM6.5A flaw was found in the SFTP server message decoding logic of libssh.
from 0, < 0.11.2-1
MEDIUM6.5A flaw was found in the key export functionality of libssh.
from 0, < 0.10.6-0+deb12u2
MEDIUM6.5A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signatu…
from 0, < 0.9.7-0+deb11u1
MEDIUM6.5libssh - security update
from 0, < 0.9.7-0+deb11u1
MEDIUM6.5libssh - security update
from 0, < 0.9.7-0+deb11u1
MEDIUM6.5libssh - security update
from 0, < 0.9.5-1+deb11u1
MEDIUM6.5libssh - security update
from 0, < 0.9.5-1+deb11u1
MEDIUM6.3A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory.
from 0
MEDIUM5.9erlang - security update
from 0, < 0.9.8-0+deb11u1
MEDIUM5.9erlang - security update
from 0, < 0.9.8-0+deb11u1
MEDIUM5.9libssh - security update
from 0, < 0.7.3-2+deb9u3
MEDIUM5.9libssh - security update
from 0, < 0.9.5-1
MEDIUM5.9libssh - security update
from 0, < 0.6.3-4.3
MEDIUM5.9libssh - security update
from 0, < 0.4.5-3+squeeze3
MEDIUM5.9libssh - security update
from 0, < 0.5.4-1+deb7u3
MEDIUM5.5A flaw was found in libssh.
from 0
MEDIUM5.3A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backe…
from 0, < 0.9.8-0+deb11u1
MEDIUM5.3A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers.
from 0, < 0.9.4-1
MEDIUM4.8A flaw was found in libssh.
from 0, < 0.9.8-0+deb11u1
MEDIUM4.7A flaw was found in libssh, a library that implements the SSH protocol.
from 0, < 0.9.8-0+deb11u2
MEDIUM4.5libssh - security update
from 0, < 0.9.8-0+deb11u2
MEDIUM4.5libssh - security update
from 0, < 0.9.8-0+deb11u2
LOW3.6A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function.
from 0, < 0.9.8-0+deb11u2
LOW3.3A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing.
from 0
LOW3.1A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname'…
from 0
LOW3.1A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses.
from 0, < 0.9.8-0+deb11u2
—Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cau…
from 0, < 0.6.3-4
—libssh - security update
from 0, < 0.5.4-3
—libssh - security update
from 0, < 0.4.5-3+squeeze2
—The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to…
from 0, < 0.5.4-1
—Double free vulnerability in the sftp_mkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service…
from 0, < 0.5.3-1
—Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and possibly…
from 0, < 0.5.3-1
—The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in ke…
from 0, < 0.5.3-1
—Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary…
from 0, < 0.5.3-1
—libssh - several
from 0, < 0.4.5-3+squeeze1
—libssh - several
from 0, < 0.5.3-1